Identify, assess, and mitigate operational risk with this practical and authoritative guideIn the newly revised second edition of Operational Risk Management: A Complete Guide for Banking and Fintech, accomplished risk executive and expert Philippa Girling delivers an insightful and practical exploration of operational risk in organizations of all sizes. She offers risk professionals and executives the tools, strategies, and best practices they need to mitigate and overcome ever-present operational risk challenges that impact business in all industries.
This latest edition includes:
- Insight into how operational risk can be effectively managed and measured in today's digital banking age.
- Updates on the latest regulatory guidance on operational risk management requirements in all aspects of the operational risk framework.
- Updates on the new Basel II capital modeling methodology for operational risk.
- New explorations of operational risk events in recent years including the impact of the global Covid-19 pandemic.
- Updated case studies including large events at Wells Fargo, Credit Suisse and Archegos Capital Management.
Ideal for executives, managers, and business leaders, Operational Risk Management is also the perfect resource for risk and compliance professionals who wish to refine their abilities to identify, assess, mitigate, and control operational risk.
Author(s): Philippa X. Girling
Series: Wiley Finance Series
Edition: 2
Publisher: Wiley
Year: 2022
Language: English
Pages: 379
City: Hoboken
Cover
Title Page
Copyright Page
Contents
Preface
Acknowledgments
Chapter 1 Definition and Drivers of Operational Risk
The Definition of Operational Risk
2012 London Olympics: A Case Study
Test One: Do the Seven Basel Operational Risk Categories Work in the Real World?
Test Two: The Risk Management Tools
Operational Risk Management and Operational
Risk Measurement
Operational Risk Management
Operational Risk Measurement
The Relationship between Operational Risk Management and Other Risk Types
Drivers of Operational Risk Management
Key Points
Review Questions
Notes
Chapter 2 The Regulatory Push
History of the Basel Accords
Rules of the Accords
Basel I
Basel II
Adoption of Basel II in Europe
Adoption of Basel II in the United States
Securities and Exchange Commission Amendments to the Net Capital Rule
U.S. Regulators’ Adoption of New Regulations to Apply Basel II
Impact of the Financial Crisis
The Limitations of Basel II
European Response to the Crisis
U.S. Response to the Crisis
Basel III
Key Points
Review Questions
Notes
Chapter 3 The Operational Risk Framework
Overview of the Operational Risk Framework
The Foundations of the Framework
Governance
Culture and Awareness
Policies and Procedures
The Four Data Building Blocks
Loss Data Collection
Risk and Control Self-Assessment
Scenario Analysis
Key Risk Indicators
Measurement and Modeling
Reporting
Risk Appetite
Key Points
Review Questions
Note
Chapter 4 Operational Risk Governance
Role of Governance
First Line of Defense
Second Line of Defense
Who Should Own the Operational Risk Function?
What Should the Operational Risk Function Own?
Third Line of Defense
Audit
Validation
Risk Committees
Key Points
Review Questions
Notes
Chapter 5 Culture and Awareness
Winning over the Firm
Marketing and Communication
Agile
Training
Planning
The “Use Test”
Key Points
Review Question
Note
Chapter 6 Policies and Procedures
The Role of Policies, Procedures, Guidelines, and Standards
Best Practices
Operational Risk Policy
Sample Operational Risk Policy
Sample Standards, Procedures, and Guidelines
Extract from a Loss Data Standards Document
Extract from a Loss Data Procedures Document
Extract from a Loss Data Guidelines Document
Linkage between Documents
Key Points
Review Question
Note
Chapter 7 Internal Operational Risk Event Loss Data
Operational Risk Event Data
Internal Loss Data or Internal Operational Risk Events
Why Collect Operational Risk Event Data?
Who Should Collect the Operational Risk Event Data?
What Should Be Collected in the Operational Risk Event Data Program?
Risk Event Categories
Internal Fraud
External Fraud
Employment Practices and Workplace Safety
Clients, Products, and Business Practices
Damage to Physical Assets
Business Disruption and System Failures
Execution, Delivery, and Process Management
Using the Basel Risk Categories
Minimum Operational Risk Event Data Standards
Comprehensive
Threshold
Amount
Date
Description and Causes
Criteria for Allocation to Business Line
Criteria for Allocation to Central and Supporting Functions
All Impacted Departments
Boundary Events Identified
Action Items
Nonfinancial Impacts
Where Should Operational Risk Event Data Be Collected?
When Should Operational Risk Event Data Be Collected?
How Should Operational Risk Event Data Be Collected?
Key Points
Review Questions
Notes
Chapter 8 External Loss Data
External Operational Risk Event Data
Sources of External Loss Event Data
Subscription Databases
Consortium Data
Challenges of External Data
Société Générale and the External Event That Shook the Operational Risk World
Key Points
Review Question
Notes
Chapter 9 Key Risk Indicators
Key Risk Indicators
Key Performance Indicators
Key Control Indicators
Metric Types
Selecting Kris
Thresholds
Kri Standards
Kri Challenges
Metrics Examples
People Metrics
Compliance Metrics
Technology and Infrastructure Metrics
Business Continuity Metrics
Client Metrics
Trade Execution and Process Management Metrics
Financial Statement Metrics
Key Points
Review Question
Note
Chapter 10 Risk and Control Self-Assessments
The Role of Assessments
Control Assessments
Risk and Control Assessments
RCSAs
RCSA Methods
Questionnaire Approach
Workshop Approach
Hybrid RCSA Methods
RCSA Scoring Methods
Scoring Control Effectiveness
Risk Impact Scores
Probability or Frequency
Risk Severity
RCSA Best Practices
Interview Participants Beforehand
Review Available Background Data from Other Functions
Review Past RCSAs and Related RCSAs
Review Internal Loss Data
Review of External Events
Carefully Select and Train Participants
Document Results
Score Appropriately
Identify Mitigating Actions
Implement Appropriate Technology
Ensure Completeness Using Taxonomies
Themes Identified
Leverage Existing Assessments
Schedule Appropriately
Backtest or Validate Results
Key Points
Review Question
Note
Chapter 11 Scenario Analysis
Role of Scenario Analysis
Scenario Analysis Approaches
(a) A Clearly Defined and Repeatable Process
(b) Background Preparation
(c) Qualified and Experienced Facilitators with Consistency in the Facilitation Process
(d) The Appropriate Representatives
(e) A Structured Process for the Selection of Data
(f) High-Quality Documentation Which Provides Clear Reasoning and Evidence Supporting the Scenario Output
(g) Independent Challenge and Oversight
(h) A Process That Is Responsive to Changes
(i) Mechanisms for Mitigating Biases
Scenario Analysis Output
Key Points
Review Questions
Notes
Chapter 12 Capital Modeling
Operational Risk Capital
Basic Indicator Approach
Standardized Approach
Alternative Standardized Approach
Future of the Basic and Standardized Approaches
Advanced Measurement Approach
Quantitative Requirements of an AMA Model
Loss Distribution Approach to Modeling Operational Risk Capital
Scenario Analysis Approach to Modeling Operational Risk Capital
Hybrid Approach to Modeling Operational Risk Capital
Insurance
Future of Capital Requirements: Basel III
Basel III Standardized Approach
Disclosure
Key Points
Review Questions
Notes
Chapter 13 Reporting
Role of Reporting
Operational Risk Event Reporting
Impact of Gains on Internal Event Reporting
Trends in Internal Losses
Internal Losses by Risk Category
Timeliness
External Loss Data Reporting
Risk and Control Self-Assessment
Reporting
Key Risk Indicator Reporting
Scenario Analysis Reporting
Capital Reporting
Action Tracking Reporting
A Consolidated View
Dashboards
Key Points
Review Question
Chapter 14 Risk Appetite
The Role of Risk Appetite
Regulatory Expectations
Implementing a Risk Appetite Framework
The Risk Appetite Framework as a Strategic Decision-Making Tool
Appetite Governance: The Board, “C-Suite,” and Business Lines
Promoting a Firmwide Risk Appetite Framework
Monitoring the Firm’s Risk Profile within the Risk Appetite Framework
Monitoring Operational Risk Appetite
Risk Capacity
Operational Risk Appetite
Operational Risk Tolerance
Operational Risk Limits/Indicators
Risk Appetite Today
Key Points
Review Question
Notes
Chapter 15 Reputational Risk and Operational Risk
What Is Reputational Risk?
Reputational Impact
Global COVID-19 Pandemic
Banking and Fintech Scandals
Stock Price Impacts
Regulatory Oversight of Reputational Risks
Reputational Risk Management Framework
Drivers
Governance
Event Data Collection
RCSA
Key Risk Indicators
Scenario Analysis
Reporting
Key Points
Review Question
Notes
Chapter 16 Operational Risk and Convergence
Operational Risk as a Catalyst for Convergence
Governance, Risk, and Compliance (GRC)
Assessment Convergence
Convergence of Metrics
Converged or GRC Reporting
GRC Tools
Key Points
Review Question
Notes
Chapter 17 Best Practices in Related Risk Management Activities
New-Product
Approval
Supplier and Third-Party
Risk Management
Legal Risk Management
Legal Considerations in the Operational Risk Framework
Capturing Legal Risks Using the Operational Risk Framework
Regulatory Risk Management
People Risk Management
Fraud Risk Management
Technology Risk Management
Climate Risk
Pandemic Planning
Strategic Risk
Key Points
Review Question
Notes
Chapter 18 Case Studies
JPMorgan Whale: Risky or Frisky?
Review Questions
Notes
Appendix: Answers to Review Questions
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 12
Chapter 13
Chapter 14
Chapter 15
Chapter 16
Chapter 17
Chapter 18
Notes
About the Author
About the Website
Index
EULA
